From: Thierry Reding <treding@nvidia.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH v1 3/4] jetson-tk1: Add PSCI configuration options and reserve secure code
Date: Fri, 16 Jan 2015 09:52:25 +0100 [thread overview]
Message-ID: <20150116085224.GA9170@ulmo.nvidia.com> (raw)
In-Reply-To: <54B85450.1030504@wwwdotorg.org>
On Thu, Jan 15, 2015 at 04:59:12PM -0700, Stephen Warren wrote:
> On 01/13/2015 12:45 PM, Ian Campbell wrote:
> >The secure world code is relocated to the MB just below the top of 4G, we
> >reserve it in the FDT (by setting CONFIG_ARMV7_SECURE_RESERVE_SIZE) but it is
> >not protected in h/w. See next patch.
>
> >diff --git a/include/configs/jetson-tk1.h b/include/configs/jetson-tk1.h
>
> >+#define CONFIG_ARMV7_PSCI 1
> >+/* Reserve top 1M for secure RAM */
> >+#define CONFIG_ARMV7_SECURE_BASE 0xfff00000
> >+#define CONFIG_ARMV7_SECURE_RESERVE_SIZE 0x00100000
>
> I /think/ the assumption in the existing code is that
> CONFIG_ARMV7_SECURE_BASE is the base of some out-of-DRAM secure memory, and
> hence that's why arch/arm/cpu/armv7/virt-dt.c() only reserves memory if that
> symbol is *not* set? That seems like rather a confusing semantic given the
> variable name. Introducing a new define that looks like it's simply the size
> of that region but actually changes the reservation semantics makes the
> situation worse for me.
>
> Wouldn't it be better to have:
>
> CONFIG_ARMV7_SECURE_BASE defines where the secure code is copied to.
>
> CONFIG_ARMV7_SECURE_BASE_IS_IN_DRAM defines the obvious; whether the secure
> base is in DRAM or not.
>
> That define would default to unset and you'd get the current behaviour.
>
> If that define was set, then CONFIG_ARMV7_SECURE_BASE through
> CONFIG_ARMV7_SECURE_BASE + (__secure_end - __secure_start) would be reserved
> in RAM?
>
> That way, armv7_update_dt would be more like:
>
> int armv7_update_dt(void *fdt)
> {
> #if defined(CONFIG_ARMV7_SECURE_BASE_IS_IN_DRAM) || \
> !defined(CONFIG_ARMV7_SECURE_BASE)
> /* secure code lives in RAM, keep it alive */
> #if defined(CONFIG_ARMV7_SECURE_BASE)
> base = CONFIG_ARMV7_SECURE_BASE;
> #else
> base = __secure_start;
> #endif
> fdt_add_mem_rsv(fdt, base, __secure_end - __secure_start);
> #endif
>
> return fdt_psci(fdt);
> }
As I understand it, one of the purposes of the RESERVE_SIZE is that
hardware may not allow regions of arbitrary size to be reserved. On
Tegra for example I think the restriction is that memory can only be
secured on 1 MiB boundaries.
So unless explicitly specified we'd need a way for platforms to be able
to adjust the reserved region accordingly.
Thierry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20150116/428f8694/attachment.pgp>
next prev parent reply other threads:[~2015-01-16 8:52 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-13 19:44 [U-Boot] [PATCH v1 0/4] Jetson-TK1 support for PSCI Ian Campbell
2015-01-13 19:45 ` [U-Boot] [PATCH v1 1/4] tegra124: Add more registers to struct mc_ctlr Ian Campbell
2015-01-15 23:37 ` Stephen Warren
2015-01-16 9:32 ` Ian Campbell
2015-01-13 19:45 ` [U-Boot] [PATCH v1 2/4] virt-dt: Allow reservation of the secure region when it is in a RAM carveout Ian Campbell
2015-01-15 23:49 ` Stephen Warren
2015-01-16 9:33 ` Ian Campbell
2015-01-18 18:06 ` Ian Campbell
2015-01-13 19:45 ` [U-Boot] [PATCH v1 3/4] jetson-tk1: Add PSCI configuration options and reserve secure code Ian Campbell
2015-01-15 23:59 ` Stephen Warren
2015-01-16 8:52 ` Thierry Reding [this message]
2015-01-16 9:39 ` Ian Campbell
2015-01-19 17:17 ` Stephen Warren
2015-01-13 19:46 ` [U-Boot] [PATCH v1 4/4] tegra124: Reserve secure RAM using MC_SECURITY_CFG{0, 1}_0 Ian Campbell
2015-01-14 7:57 ` [U-Boot] [PATCH v1 0/4] Jetson-TK1 support for PSCI Thierry Reding
2015-01-14 8:58 ` Ian Campbell
2015-01-15 14:55 ` Thierry Reding
2015-01-16 9:43 ` Ian Campbell
2015-01-16 10:05 ` Thierry Reding
2015-01-16 10:24 ` Ian Campbell
2015-01-16 16:03 ` Thierry Reding
2015-01-16 16:11 ` Ian Campbell
2015-01-19 9:25 ` Thierry Reding
2015-01-19 12:09 ` Ian Campbell
2015-01-15 19:19 ` Mark Rutland
2015-01-16 9:12 ` Thierry Reding
2015-01-22 19:20 ` Mark Rutland
2015-01-23 10:10 ` Thierry Reding
2015-01-23 12:37 ` Mark Rutland
2015-01-23 14:08 ` Mark Rutland
2015-01-30 12:20 ` Thierry Reding
2015-02-05 11:44 ` Thierry Reding
2015-02-05 12:01 ` Ian Campbell
2015-02-05 12:37 ` Mark Rutland
2015-02-05 13:55 ` Thierry Reding
2015-02-05 14:37 ` Ian Campbell
2015-02-09 11:26 ` Mark Rutland
2015-02-14 15:08 ` Jan Kiszka
2015-02-19 9:20 ` Ian Campbell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150116085224.GA9170@ulmo.nvidia.com \
--to=treding@nvidia.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.